yuezk/GlobalProtect-openconnect

yuezk/GlobalProtect-openconnect

Releases74

Frequency1 month 16 hours

Last Release about 1 month ago

Stars2.14K

A GlobalProtect VPN client for Linux, written in Rust, based on OpenConnect and Tauri, supports SSO with MFA, YubiKey, and client certificate authentication, etc.

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-45809 ↗	Mar 22, 2022Tuesday, 22 March 2022, 11:15	9.8 CRITICAL	10 HIGH
GlobalProtect-openconnect versions prior to 1.4.3 are affected by incorrect access control in GPService through DBUS, GUI Application. The way GlobalProtect-Openconnect is set up enables arbitrary users to execute commands as root by submitting the `--script=<script>` parameter.
CVE-2021-45810 ↗	Mar 22, 2022Tuesday, 22 March 2022, 11:15	7.5 HIGH	5 MEDIUM
GlobalProtect-openconnect versions prior to 2.0.0 (exclusive) are affected by incorrect access control in GPService through DBUS, GUI. The way GlobalProtect-Openconnect is set up enables arbitrary users to start a VPN connection to arbitrary servers. By hosting an openconnect compatible server, the attack can redirect the entire host's traffic via their own server.